Frequently Asked Questions
How was TrustedVolumes hacked?
An attacker exploited a public, permission-free function in TrustedVolumes’ custom RFQ smart contract that should have restricted who could register as an authorized order signer. By registering themselves, the attacker bypassed authorization checks and forged trading orders to drain approximately $6.7 million.
How much has been stolen from DeFi in 2026?
Based on reports through May 2026, DeFi exploits this year have exceeded $580 million, including the Drift Protocol ($285M) and KelpDAO ($292–293M) exploits in April alone. Security firm Ledger has warned 2026 may be the worst year on record for crypto hacks.
Can stolen DeFi funds be recovered?
Recovery is difficult once stolen assets are swapped and dispersed across multiple wallets. Some recoveries have occurred through on-chain negotiations (where attackers return funds for a bounty) or through centralized exchange blacklisting. In most cases, victims receive partial or no recovery.
Sources: PeckShield, Blockaid, CoinDesk, BitcoinEthereumNews, Forbes. Incident data as of May 8, 2026.
